s:\jamplus\bin\win64\jam.pdb
Overview
overview
3
Static
static
3
4.1.0.1647...er.exe
windows7-x64
1
4.1.0.1647...er.exe
windows10-2004-x64
1
4.1.0.1647...de.dll
windows7-x64
1
4.1.0.1647...de.dll
windows10-2004-x64
1
4.1.0.1647...ua.exe
windows7-x64
1
4.1.0.1647...ua.exe
windows10-2004-x64
1
4.1.0.1647...nes.js
windows7-x64
3
4.1.0.1647...nes.js
windows10-2004-x64
3
4.1.0.1647...53.dll
windows7-x64
1
4.1.0.1647...53.dll
windows10-2004-x64
1
4.1.0.1647...fi.dll
windows7-x64
1
4.1.0.1647...fi.dll
windows10-2004-x64
1
4.1.0.1647...re.dll
windows7-x64
1
4.1.0.1647...re.dll
windows10-2004-x64
1
CapCut_737...er.exe
windows7-x64
3
CapCut_737...er.exe
windows10-2004-x64
3
vcruntime140.dll
windows7-x64
1
vcruntime140.dll
windows10-2004-x64
1
vcruntime140_1.dll
windows7-x64
1
vcruntime140_1.dll
windows10-2004-x64
1
Static task
static1
Behavioral task
behavioral1
Sample
4.1.0.1647/CapCut_7376550521366298640_installer.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4.1.0.1647/CapCut_7376550521366298640_installer.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
4.1.0.1647/lua/lua-tilde.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
4.1.0.1647/lua/lua-tilde.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
4.1.0.1647/lua/lua.exe
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
4.1.0.1647/lua/lua.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
4.1.0.1647/lua/lua/lanes.js
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
4.1.0.1647/lua/lua/lanes.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
4.1.0.1647/lua/lua53.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
4.1.0.1647/lua/lua53.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
4.1.0.1647/lua/modules/ffi.dll
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
4.1.0.1647/lua/modules/ffi.dll
Resource
win10v2004-20240910-en
Behavioral task
behavioral13
Sample
4.1.0.1647/lua/modules/lanes/core.dll
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
4.1.0.1647/lua/modules/lanes/core.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
CapCut_7376550521366298640_installer.exe
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
CapCut_7376550521366298640_installer.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
vcruntime140.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
vcruntime140.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
vcruntime140_1.dll
Resource
win7-20240729-en
Behavioral task
behavioral20
Sample
vcruntime140_1.dll
Resource
win10v2004-20240802-en
General
-
Target
CapCut_7376550521366298640_installer.zip
-
Size
1.3MB
-
MD5
75c08f8fcea5426f56b8364fd631ba73
-
SHA1
7ad1fcc74fa1463c831ec7fe0f7cfefad0fae9b5
-
SHA256
8e6bbe8ac1ecdd230a4dcafa981ff00663fae06f7b85b117a87917b6f04f894f
-
SHA512
a4ace2a3aa7f27b7ba3adcb9338482a73493e7f2b568015542c00da0407f4a59aaa1a8ef2b48f83bce6f1f0df6859497f4cf15403980219339636967cfafc72f
-
SSDEEP
24576:HIVolw3ghNwwm9h74flrulDFSyS6v49WUeh5YQ286IJpc9TeFcY5xPB:HbG36+VT0leJSySS4Ivv28T+CdB
Malware Config
Signatures
-
Unsigned PE 6 IoCs
Checks for missing Authenticode signature.
resource
unpack001/4.1.0.1647/CapCut_7376550521366298640_installer.exe
unpack001/4.1.0.1647/lua/lua-tilde.dll
unpack001/4.1.0.1647/lua/lua.exe
unpack001/4.1.0.1647/lua/lua53.dll
unpack001/4.1.0.1647/lua/modules/ffi.dll
unpack001/4.1.0.1647/lua/modules/lanes/core.dll
Files
-
CapCut_7376550521366298640_installer.zip.zip
-
4.1.0.1647/CapCut_7376550521366298640_installer.exe.exe windows:6 windows x64 arch:x64
db0db8d9d70a6efc1e8753341deffe66
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
advapi32
RegQueryValueExA
RegOpenKeyExA
winmm
timeGetTime
kernel32
WriteConsoleW
TerminateProcess
WaitForMultipleObjects
GetLastError
CloseHandle
GetExitCodeProcess
GetModuleFileNameA
FindFirstFileA
CreatePipe
FindClose
CreateFileA
CreateProcessA
CreateDirectoryA
LoadLibraryA
GetProcAddress
FindNextFileA
GetFileInformationByHandle
FileTimeToSystemTime
GetShortPathNameA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
HeapSize
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
DuplicateHandle
SetConsoleCtrlHandler
FindFirstFileExW
FindNextFileW
SystemTimeToTzSpecificLocalTime
CreateFileW
GetDriveTypeW
GetFileType
PeekNamedPipe
SetStdHandle
ReadFile
SetFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
GetStdHandle
WriteFile
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
GetFullPathNameW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
HeapReAlloc
MultiByteToWideChar
WideCharToMultiByte
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileSizeEx
GetConsoleCP
GetTimeZoneInformation
MoveFileExW
FlushFileBuffers
GetStringTypeW
GetProcessHeap
GetFileAttributesExW
DeleteFileW
SetEndOfFile
WaitForSingleObject
CreateProcessW
RemoveDirectoryW
RtlUnwind
Sections
.text Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
4.1.0.1647/lua/lua-tilde.dll.dll windows:6 windows x64 arch:x64
7c2bb3c95467522658a8714f6b90dd61
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
s:\jamplus\src\luaplus\.build\win64\bin\lua-tilde.pdb
Imports
lua53
lua_pushfstring
lua_getglobal
lua_topointer
lua_isstring
luaL_loadbufferx
lua_tolstring
lua_isuserdata
lua_pushboolean
lua_getuservalue
lua_xmove
lua_pushthread
lua_touserdata
lua_concat
lua_setlocal
lua_tointegerx
lua_setfield
lua_gettable
lua_pushlightuserdata
lua_type
lua_settable
lua_rotate
lua_getmetatable
lua_setupvalue
lua_getinfo
lua_rawgeti
lua_pushstring
lua_getstack
lua_tonumberx
lua_pushnumber
lua_tothread
lua_checkstack
lua_gettop
lua_rawget
lua_getupvalue
lua_typename
lua_gc
lua_toboolean
lua_getlocal
lua_setmetatable
lua_setuservalue
lua_compare
lua_settop
lua_pushvalue
lua_pushnil
lua_isnumber
lua_pushlstring
lua_callk
lua_sethook
lua_iscfunction
lua_createtable
lua_next
lua_pcallk
lua_pushcclosure
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
wsock32
accept
bind
closesocket
select
listen
WSAStartup
send
socket
inet_addr
recv
htons
WSAGetLastError
__WSAFDIsSet
WSACleanup
kernel32
TerminateProcess
OutputDebugStringA
DebugBreak
GetCurrentProcessId
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
DisableThreadLibraryCalls
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_exception_destroy
__std_exception_copy
__C_specific_handler
_CxxThrowException
__std_type_info_destroy_list
memset
memmove
memcmp
memcpy
api-ms-win-crt-runtime-l1-1-0
_execute_onexit_table
_cexit
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
exit
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf
api-ms-win-crt-heap-l1-1-0
malloc
_callnewh
free
api-ms-win-crt-string-l1-1-0
_stricmp
tolower
Exports
LuaTilde_Command
Sections
.text Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 216B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
4.1.0.1647/lua/lua.exe.exe windows:6 windows x64 arch:x64
ed66f22e0afd28064ad523cc2bbbd2ee
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
s:\jamplus\src\luaplus\.build\win64\bin\lua.pdb
Imports
lua53
lua_pushlstring
luaL_traceback
lua_type
lua_pushlightuserdata
lua_setfield
lua_getinfo
lua_tointegerx
luaL_callmeta
luaL_error
lua_concat
luaL_newstate
lua_createtable
lua_setglobal
lua_pushboolean
lua_tolstring
lua_typename
lua_getglobal
lua_pushfstring
lua_touserdata
lua_sethook
lua_rawgeti
lua_pushstring
luaL_checkstack
luaL_loadfilex
lua_getstack
lua_gettop
luaL_len
lua_close
luaL_checkversion_
luaL_openlibs
lua_settop
lua_rawseti
luaL_loadbufferx
lua_pcallk
lua_toboolean
lua_pushinteger
lua_rotate
lua_pushcclosure
kernel32
LoadLibraryA
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleW
GetSystemTimeAsFileTime
IsDebuggerPresent
InitializeSListHead
GetModuleFileNameA
vcruntime140
strrchr
__C_specific_handler
__current_exception
__current_exception_context
memset
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
fputs
fwrite
_fileno
_isatty
fopen
__acrt_iob_func
fflush
fclose
__stdio_common_vfprintf
fgets
api-ms-win-crt-filesystem-l1-1-0
_fullpath
api-ms-win-crt-runtime-l1-1-0
_crt_atexit
_register_onexit_function
_initialize_onexit_table
terminate
_set_app_type
_seh_filter_exe
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
signal
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-heap-l1-1-0
_set_new_mode
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 588B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 52B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
4.1.0.1647/lua/lua/lanes.lua.js
-
4.1.0.1647/lua/lua53.dll.dll windows:6 windows x64 arch:x64
3a14ab98dc8f38647769f44da2071adb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
s:\jamplus\src\luaplus\.build\win64\bin\lua53.pdb
Imports
kernel32
GetModuleFileNameA
LoadLibraryExA
GetModuleHandleA
GetLastError
GetProcAddress
FreeLibrary
FormatMessageA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
vcruntime140
strstr
strchr
longjmp
strrchr
memchr
__std_terminate
__C_specific_handler
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list
memset
memcmp
memcpy
__intrinsic_setjmp
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-stdio-l1-1-0
fwrite
__stdio_common_vsprintf
_fseeki64
_popen
fgets
_ftelli64
clearerr
feof
__stdio_common_vfprintf
fputs
setvbuf
tmpfile
_pclose
getc
fclose
tmpnam
ungetc
fflush
freopen
__acrt_iob_func
fopen
ferror
fread
api-ms-win-crt-heap-l1-1-0
_callnewh
malloc
realloc
free
api-ms-win-crt-string-l1-1-0
isxdigit
strpbrk
isgraph
strncpy
isprint
strcoll
strncmp
islower
ispunct
iscntrl
isalpha
isdigit
strspn
tolower
isalnum
toupper
strcmp
isspace
isupper
api-ms-win-crt-runtime-l1-1-0
_errno
strerror
exit
abort
_cexit
_execute_onexit_table
_initialize_onexit_table
system
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
api-ms-win-crt-locale-l1-1-0
localeconv
setlocale
api-ms-win-crt-utility-l1-1-0
srand
rand
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-convert-l1-1-0
strtod
api-ms-win-crt-math-l1-1-0
log10
floor
log
fmod
ceil
sqrt
acos
asin
frexp
cos
exp
atan2
ldexp
pow
tan
sin
api-ms-win-crt-time-l1-1-0
_difftime64
strftime
_localtime64
_time64
_gmtime64
_mktime64
clock
api-ms-win-crt-filesystem-l1-1-0
rename
_access
remove
Exports
?DumpObject@LuaState@LuaPlus@@QEAA_NAEAVLuaStateOutFile@2@AEAVLuaObject@2@1IHI@Z
?DumpObject@LuaState@LuaPlus@@QEAA_NAEAVLuaStateOutFile@2@PEBDAEAVLuaObject@2@IHI@Z
?DumpObject@LuaState@LuaPlus@@QEAA_NPEBD0AEAVLuaObject@2@IHI@Z
?DumpObject@LuaState@LuaPlus@@QEAA_NPEBDAEAVLuaObject@2@1IHI@Z
luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_buffinitsize
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_checkversion_
luaL_error
luaL_execresult
luaL_fileresult
luaL_getmetafield
luaL_getsubtable
luaL_gsub
luaL_len
luaL_loadbufferx
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_prepbuffsize
luaL_pushresult
luaL_pushresultsize
luaL_ref
luaL_requiref
luaL_setfuncs
luaL_setmetatable
luaL_testudata
luaL_tolstring
luaL_traceback
luaL_unref
luaL_where
lua_absindex
lua_arith
lua_atpanic
lua_callk
lua_checkstack
lua_close
lua_compare
lua_concat
lua_copy
lua_createtable
lua_dump
lua_error
lua_fastref
lua_fastrefindex
lua_fastunref
lua_gc
lua_getallocf
lua_getfastref
lua_getfield
lua_getglobal
lua_gethook
lua_gethookcount
lua_gethookmask
lua_geti
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_getuservalue
lua_iscfunction
lua_isinteger
lua_isnumber
lua_isstring
lua_isuserdata
lua_isyieldable
lua_len
lua_load
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_pcallk
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawgetp
lua_rawlen
lua_rawset
lua_rawseti
lua_rawsetp
lua_resume
lua_rotate
lua_setallocf
lua_setfield
lua_setglobal
lua_sethook
lua_seti
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_setuservalue
lua_status
lua_stringtonumber
lua_toboolean
lua_tocfunction
lua_tointegerx
lua_tolstring
lua_tonumberx
lua_topointer
lua_tothread
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_version
lua_xmove
lua_yieldk
luaopen_base
luaopen_bit32
luaopen_coroutine
luaopen_debug
luaopen_io
luaopen_math
luaopen_os
luaopen_package
luaopen_string
luaopen_table
luaopen_utf8
Sections
.text Size: 237KB - Virtual size: 237KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 912B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
4.1.0.1647/lua/modules/ffi.dll.dll windows:6 windows x64 arch:x64
8a2e1721e56d737f4accb0ce2320aacf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
s:\jamplus\src\luaplus\.build\win64\bin\modules\ffi.pdb
Imports
lua53
lua_setmetatable
luaL_checkstack
lua_pushvfstring
lua_isnumber
luaL_argerror
luaL_buffinit
lua_toboolean
lua_typename
luaL_addstring
luaL_checknumber
lua_tonumberx
lua_error
luaL_prepbuffsize
lua_pushfstring
lua_getglobal
lua_topointer
luaL_addvalue
lua_setglobal
luaL_setfuncs
luaL_checkinteger
lua_concat
luaL_pushresult
lua_tointegerx
lua_gettable
luaL_checktype
lua_rawequal
luaL_checklstring
lua_pushlstring
lua_copy
lua_pcallk
lua_pushinteger
lua_setuservalue
lua_pushcclosure
lua_rawget
lua_isstring
lua_tolstring
lua_isuserdata
lua_newuserdata
lua_next
lua_setfield
lua_pushlightuserdata
lua_type
lua_getmetatable
lua_pushnil
lua_pushvalue
lua_settop
lua_rawlen
lua_rawseti
lua_getfield
lua_rawset
lua_gettop
lua_pushnumber
luaL_unref
lua_pushstring
lua_rawgeti
lua_touserdata
lua_callk
lua_pushboolean
lua_getuservalue
lua_tocfunction
lua_createtable
luaL_ref
luaL_error
lua_rotate
kernel32
SetLastError
VirtualProtect
GetCurrentProcess
VirtualAlloc
GetLastError
GetProcAddress
FlushInstructionCache
GetModuleHandleA
GetModuleHandleExA
LoadLibraryA
GetSystemInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
VirtualFree
vcruntime140
memchr
memcpy
memmove
memset
memcmp
__std_type_info_destroy_list
__C_specific_handler
strchr
api-ms-win-crt-runtime-l1-1-0
_execute_onexit_table
_initialize_narrow_environment
_cexit
_seh_filter_dll
_initialize_onexit_table
_initterm_e
_initterm
_configure_narrow_argv
exit
api-ms-win-crt-heap-l1-1-0
realloc
malloc
free
api-ms-win-crt-stdio-l1-1-0
__p__fmode
__stdio_common_vsprintf
api-ms-win-crt-convert-l1-1-0
strtoul
strtol
api-ms-win-crt-math-l1-1-0
pow
api-ms-win-crt-string-l1-1-0
strcmp
Exports
luaopen_ffi
Sections
.text Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 292B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
4.1.0.1647/lua/modules/lanes/core.dll.dll windows:6 windows x64 arch:x64
b3587fbdc19de144956b98ba1a77ec5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
s:\jamplus\src\luaplus\.build\win64\bin\modules\lanes\core.pdb
Imports
lua53
lua_setallocf
luaL_newmetatable
luaL_argerror
luaopen_table
lua_setupvalue
lua_dump
luaopen_base
luaopen_utf8
lua_isinteger
luaL_pushresult
lua_tocfunction
luaopen_os
lua_rawlen
luaL_addvalue
luaopen_string
lua_topointer
luaopen_math
luaL_addlstring
lua_getupvalue
lua_gc
luaopen_io
luaL_buffinit
luaopen_debug
luaL_openlibs
luaopen_coroutine
lua_typename
luaL_optlstring
lua_iscfunction
lua_pushnumber
luaL_checknumber
lua_tonumberx
lua_getstack
luaL_checkudata
lua_sethook
luaL_optnumber
luaL_setfuncs
luaL_checkinteger
lua_gettable
luaL_checktype
lua_rawequal
lua_settable
luaL_checklstring
lua_pushlstring
lua_getinfo
luaL_loadstring
lua_isnumber
luaL_loadfilex
lua_pushnil
lua_setuservalue
lua_rawseti
lua_close
luaL_requiref
lua_error
luaL_optinteger
lua_rawgeti
lua_callk
lua_pushboolean
lua_newstate
luaopen_package
lua_setglobal
lua_getuservalue
lua_next
lua_tointegerx
lua_absindex
lua_getallocf
lua_copy
lua_pushinteger
lua_pushvalue
lua_settop
lua_compare
lua_setmetatable
lua_toboolean
lua_getfield
lua_rawset
lua_rawget
lua_gettop
lua_checkstack
lua_pushstring
lua_touserdata
lua_pushfstring
lua_getglobal
lua_isstring
lua_tolstring
lua_newuserdata
lua_createtable
lua_concat
luaL_error
lua_setfield
lua_pushlightuserdata
lua_type
lua_rotate
lua_getmetatable
lua_pcallk
luaL_loadbufferx
lua_pushcclosure
kernel32
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SleepConditionVariableCS
WakeAllConditionVariable
SetThreadPriority
InitializeConditionVariable
WaitForSingleObject
GetCurrentThreadId
GetLastError
GetCurrentThread
TerminateThread
RaiseException
SystemTimeToFileTime
GetSystemTime
FormatMessageA
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
vcruntime140
__std_type_info_destroy_list
memset
__C_specific_handler
memcpy
api-ms-win-crt-heap-l1-1-0
malloc
free
api-ms-win-crt-runtime-l1-1-0
abort
_beginthreadex
_cexit
_execute_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf
__acrt_iob_func
__stdio_common_vfprintf
api-ms-win-crt-time-l1-1-0
_mktime64
api-ms-win-crt-string-l1-1-0
isalnum
strncmp
Exports
luaG_newdeepuserdata
luaG_pushdeepversion
luaG_todeep
luaopen_lanes_core
luaopen_lanes_embedded
Sections
.text Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
CapCut_7376550521366298640_installer.exe.exe windows:6 windows x86 arch:x86
6fa91ee3b9c1420b0a56cccb4bd80696
Code Sign
05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate
Issuer
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before
01-08-2013 12:00
Not After
15-01-2038 12:00
Subject
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate
Issuer
CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before
13-01-2022 00:00
Not After
09-11-2031 23:59
Subject
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate
Issuer
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before
29-04-2021 00:00
Not After
28-04-2036 23:59
Subject
CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
06:df:4d:93:8e:75:e6:3d:64:8a:be:02:29:5c:d3:3c
Certificate
Issuer
CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US
Not Before
01-08-2022 00:00
Not After
30-07-2025 23:59
Subject
SERIALNUMBER=201923456H,CN=Bytedance Pte. Ltd.,O=Bytedance Pte. Ltd.,L=Singapore,C=SG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025347
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate
Issuer
CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US
Not Before
14-07-2023 00:00
Not After
13-10-2034 23:59
Subject
CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate
Issuer
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before
23-03-2022 00:00
Not After
22-03-2037 23:59
Subject
CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate
Issuer
CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before
01-08-2022 00:00
Not After
09-11-2031 23:59
Subject
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
60:c5:ee:52:27:79:1d:f1:ee:3c:f1:90:31:a8:91:c9:09:2e:d1:0d:fb:12:e9:a6:00:65:77:70:b1:91:b7:c7
Signer
Actual PE Digest
60:c5:ee:52:27:79:1d:f1:ee:3c:f1:90:31:a8:91:c9:09:2e:d1:0d:fb:12:e9:a6:00:65:77:70:b1:91:b7:c7
Digest Algorithm
sha256
PE Digest Matches
true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\code\bytedance\installer\LVInstallerCC\VideofusionInstaller\build\CC_RELEASE\JianyingLauncher.pdb
Imports
powrprof
PowerDeterminePlatformRole
setupapi
CM_Get_Device_IDW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
kernel32
GetTickCount
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FileTimeToSystemTime
ProcessIdToSessionId
GetCommandLineW
GetEnvironmentVariableW
GetDiskFreeSpaceExW
GetVolumeInformationW
QueryDosDeviceW
GetTempPathW
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
CreateProcessW
GetVersion
GetSystemDirectoryW
LocalAlloc
lstrcmpW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
CopyFileW
MoveFileExW
WTSGetActiveConsoleSessionId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
ResetEvent
CreateEventW
CreateThread
MoveFileW
InitializeCriticalSectionAndSpinCount
Sleep
OpenMutexA
lstrlenW
GetProcessId
GetModuleHandleA
GetNativeSystemInfo
GetCurrentThreadId
CreateMutexW
FormatMessageA
OutputDebugStringA
ReleaseMutex
RegisterWaitForSingleObject
UnregisterWaitEx
SetThreadPriority
GetThreadPriority
IsDebuggerPresent
DuplicateHandle
GetUserDefaultLangID
TryEnterCriticalSection
SystemTimeToTzSpecificLocalTime
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetLocalTime
QueryPerformanceFrequency
GetModuleHandleExW
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
SetInformationJobObject
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
WaitForMultipleObjects
GlobalMemoryStatusEx
RtlCaptureStackBackTrace
QueueUserWorkItem
GetModuleHandleExA
GetProcessHeaps
HeapSetInformation
HeapUnlock
HeapLock
HeapWalk
GetProcessIoCounters
VirtualQueryEx
GetProcessTimes
GetSystemInfo
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
LoadLibraryExW
WriteConsoleW
SetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
FatalAppExitA
FlushFileBuffers
SetFilePointerEx
ReadConsoleW
GetFileType
CreateSemaphoreW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStdHandle
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
EncodePointer
AreFileApisANSI
ExitProcess
GetConsoleMode
GetConsoleCP
SetConsoleCtrlHandler
GetFileInformationByHandle
InitializeCriticalSectionEx
DeleteCriticalSection
DecodePointer
SystemTimeToFileTime
SetFileTime
SetFilePointer
LocalFileTimeToFileTime
GetCurrentDirectoryW
GetCurrentThread
GetCurrentProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
LoadLibraryW
FreeLibrary
GetWindowsDirectoryW
OpenProcess
WaitForSingleObject
LocalFree
GetProcAddress
GetModuleHandleW
GetVersionExW
DeviceIoControl
SetLastError
SetFileAttributesW
GetLongPathNameW
GetFullPathNameW
ExpandEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
WriteFile
ReadFile
GetFileSize
CreateFileW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleFileNameW
FindResourceExW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
RemoveDirectoryW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetUserDefaultLCID
EnumSystemLocalesW
SetEndOfFile
SetEnvironmentVariableA
OutputDebugStringW
TzSpecificLocalTimeToSystemTime
LoadLibraryExA
GetFileAttributesExW
IsProcessorFeaturePresent
VirtualQuery
VirtualProtect
VirtualAlloc
RtlUnwind
user32
GetWindowLongW
EnumWindows
GetClassNameW
GetWindowThreadProcessId
GetWindowTextLengthW
WaitMessage
GetWindowTextW
PostMessageW
ExitWindowsEx
UnregisterClassW
GetDC
GetDesktopWindow
DestroyWindow
SetTimer
PostQuitMessage
KillTimer
GetQueueStatus
TranslateMessage
RegisterClassExW
CallMsgFilterW
PeekMessageW
MsgWaitForMultipleObjectsEx
CreateWindowExW
DefWindowProcW
DispatchMessageW
CharUpperW
GetKeyState
IsWindowEnabled
FindWindowW
SystemParametersInfoW
IsWindow
GetSystemMetrics
gdi32
DeleteObject
GetDeviceCaps
advapi32
GetTraceEnableLevel
UnregisterTraceGuids
TraceEvent
GetTraceLoggerHandle
GetTraceEnableFlags
RegNotifyChangeKeyValue
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
ConvertSidToStringSidW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegEnumKeyExW
RegDeleteKeyExW
RegCreateKeyExW
RegOpenCurrentUser
RegCloseKey
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
MapGenericMask
IsValidSecurityDescriptor
InitializeSecurityDescriptor
ImpersonateLoggedOnUser
GetFileSecurityW
FreeSid
EqualSid
DuplicateToken
AllocateAndInitializeSid
AddAccessAllowedAce
AccessCheck
LookupPrivilegeValueW
RevertToSelf
ImpersonateSelf
AdjustTokenPrivileges
OpenThreadToken
SetThreadToken
ConvertStringSidToSidW
LookupAccountSidW
SetTokenInformation
GetTokenInformation
DuplicateTokenEx
OpenProcessToken
CreateProcessAsUserW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
IsValidSid
InitializeSid
InitializeAcl
GetSidSubAuthority
GetSidLengthRequired
GetLengthSid
GetAclInformation
GetAce
CopySid
AddAce
RegisterTraceGuidsW
shell32
SHGetKnownFolderPath
ShellExecuteW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetFolderPathA
ShellExecuteExW
CommandLineToArgvW
ole32
CoInitializeEx
CoUninitialize
CoCreateInstance
CoInitialize
PropVariantClear
CoTaskMemFree
oleaut32
SysAllocString
SysStringLen
VariantClear
SysFreeString
shlwapi
SHStrDupW
StrToIntW
ord176
SHSetValueW
StrChrW
SHGetValueW
StrCmpNW
StrCmpNIW
PathRemoveFileSpecW
PathIsDirectoryW
PathGetDriveNumberW
PathFindExtensionW
PathAddBackslashW
PathFileExistsW
PathAppendW
StrRChrW
StrCmpIW
StrCpyNW
userenv
LoadUserProfileW
DestroyEnvironmentBlock
CreateEnvironmentBlock
UnloadUserProfile
mpr
WNetGetResourceInformationW
psapi
GetProcessMemoryInfo
GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcesses
EnumProcessModules
QueryWorkingSet
netapi32
NetGetJoinInformation
NetApiBufferFree
winmm
timeBeginPeriod
timeGetTime
timeEndPeriod
Exports
GetHandleVerifier
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Jambase.jam
-
Jamfile.lua
-
vcruntime140.dll.dll windows:6 windows x64 arch:x64
f143e2868efde0fcb493bd3051708a62
Code Sign
33:00:00:01:03:49:9c:76:42:f1:37:3d:9d:00:00:00:00:01:03
Certificate
Issuer: CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 23-08-2018 20:20
Not After: 23-11-2019 20:20
Subject: CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:0842-4BE6-C29A,O=Microsoft Corporation,L=Redmond,ST=WA,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate
Issuer: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 02-05-2019 21:37
Not After: 02-05-2020 21:37
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:16:68:34:00:00:00:00:00:1c
Certificate
Issuer: CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d
Not Before: 03-04-2007 12:53
Not After: 03-04-2021 13:03
Subject: CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:0e:90:d2:00:00:00:00:00:03
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 08-07-2011 20:59
Not After: 08-07-2026 21:09
Subject: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate
Issuer: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 02-05-2019 21:37
Not After: 02-05-2020 21:37
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 08-07-2011 20:59
Not After: 08-07-2026 21:09
Subject: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7b:9a:42:b4:cf:09:aa:e1:8e:9a:4a:85:a1:65:44:ed:03:56:7b:c0:cf:aa:7c:96:e6:cf:ec:1b:05:7c:49:7f
Signer
Actual PE Digest: 7b:9a:42:b4:cf:09:aa:e1:8e:9a:4a:85:a1:65:44:ed:03:56:7b:c0:cf:aa:7c:96:e6:cf:ec:1b:05:7c:49:7f
Digest Algorithm: sha256
PE Digest Matches: true
f9:2f:ae:d1:4e:bc:b0:f5:94:75:cf:61:29:49:62:23:5d:7b:91:82
Signer
Actual PE Digest: f9:2f:ae:d1:4e:bc:b0:f5:94:75:cf:61:29:49:62:23:5d:7b:91:82
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb
Imports
api-ms-win-crt-runtime-l1-1-0
terminate
abort
api-ms-win-crt-heap-l1-1-0
calloc
malloc
free
api-ms-win-crt-string-l1-1-0
strcpy_s
wcsncmp
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf_s
api-ms-win-crt-convert-l1-1-0
atol
kernel32
GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
GetModuleHandleW
GetModuleFileNameW
RtlUnwindEx
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
Exports
_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr
Sections
.text Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 396B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
vcruntime140_1.dll.dll windows:6 windows x64 arch:x64
ae0bde6314fa2027b54ce04898f6ab69
Code Sign
33:00:00:01:2e:8f:84:66:68:39:bf:05:bd:00:00:00:00:01:2e
Certificate
Issuer: CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 06-09-2019 20:40
Not After: 04-12-2020 20:40
Subject: CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:B1B7-F67F-FEC2,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate
Issuer: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 02-05-2019 21:37
Not After: 02-05-2020 21:37
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:16:68:34:00:00:00:00:00:1c
Certificate
Issuer: CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d
Not Before: 03-04-2007 12:53
Not After: 03-04-2021 13:03
Subject: CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:0e:90:d2:00:00:00:00:00:03
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 08-07-2011 20:59
Not After: 08-07-2026 21:09
Subject: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate
Issuer: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 02-05-2019 21:37
Not After: 02-05-2020 21:37
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 08-07-2011 20:59
Not After: 08-07-2026 21:09
Subject: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
6a:21:d9:ba:7f:d8:c7:56:73:a4:4e:1f:a8:38:df:0d:fa:e2:27:21:30:b5:82:4c:ca:d0:f9:b1:cb:d6:68:8c
Signer
Actual PE Digest: 6a:21:d9:ba:7f:d8:c7:56:73:a4:4e:1f:a8:38:df:0d:fa:e2:27:21:30:b5:82:4c:ca:d0:f9:b1:cb:d6:68:8c
Digest Algorithm: sha256
PE Digest Matches: true
14:17:93:a4:79:fa:4a:52:fd:a2:99:4c:b8:a5:39:57:99:4c:0f:c6
Signer
Actual PE Digest: 14:17:93:a4:79:fa:4a:52:fd:a2:99:4c:b8:a5:39:57:99:4c:0f:c6
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb
Imports
api-ms-win-crt-runtime-l1-1-0
terminate
abort
api-ms-win-crt-heap-l1-1-0
malloc
calloc
free
api-ms-win-crt-string-l1-1-0
strcpy_s
wcsncmp
vcruntime140
__processing_throw
__C_specific_handler
memmove
__current_exception
kernel32
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwindEx
RtlLookupFunctionEntry
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
EncodePointer
RaiseException
RtlPcToFileHeader
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLastError
SetLastError
TlsAlloc
Exports
__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 1008B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 296B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ